Liquid Current

Privacy Policy

Liquid Current OTC Desk - Privacy Policy

Effective Date: January 2025

1. Introduction

Liquid Current OTC Desk ("we", "us", "our") operates under FSP License Number 53702, regulated by the Financial Sector Conduct Authority (FSCA) of South Africa. We are committed to protecting and respecting your privacy in accordance with the Protection of Personal Information Act (POPIA) and other applicable privacy laws.

This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our over-the-counter cryptocurrency trading services.

2. Information We Collect

2.1 Personal Information

We collect the following personal information:

  • Identity Information: Full name, date of birth, nationality, government-issued ID numbers
  • Contact Information: Email address, phone number, residential address
  • Financial Information: Bank account details, source of funds, transaction history
  • Verification Documents: ID documents, proof of address, bank statements
  • Biometric Data: Photographs for identity verification

2.2 Technical Information

  • IP addresses and device information
  • Browser type and version
  • Access times and pages viewed
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use your personal information for the following purposes:

  • Identity Verification: To comply with KYC and AML requirements
  • Service Provision: To provide OTC trading services and execute transactions
  • Risk Management: To assess and monitor trading risks and compliance
  • Communication: To provide updates on transactions and important notices
  • Legal Compliance: To meet regulatory obligations and reporting requirements
  • Fraud Prevention: To detect and prevent fraudulent activities

4. Legal Basis for Processing

Under POPIA, we process your personal information based on:

  • Consent: Where you have given explicit consent for specific purposes
  • Contractual Necessity: To fulfill our contractual obligations to you
  • Legal Obligation: To comply with regulatory and legal requirements
  • Legitimate Interest: For fraud prevention and business operations

5. Information Sharing and Disclosure

We may share your information with:

  • Regulatory Bodies: FSCA, SARB, FIC, and other applicable authorities
  • Law Enforcement: When required by law or court order
  • Service Providers: Third-party vendors who assist in our operations
  • Professional Advisors: Lawyers, auditors, and compliance consultants
  • Banking Partners: For transaction processing and verification

Important: We will never sell your personal information to third parties for marketing purposes.

6. Data Security

We implement comprehensive security measures including:

  • Encryption: All sensitive data is encrypted in transit and at rest
  • Access Controls: Strict user authentication and authorization protocols
  • Regular Audits: Periodic security assessments and penetration testing
  • Employee Training: Regular privacy and security awareness training
  • Incident Response: Procedures for handling security breaches

7. Data Retention

We retain your personal information:

  • KYC Records: For 5 years after account closure as required by FICA
  • Transaction Records: For 5 years as required by regulatory obligations
  • Communication Records: For 7 years for dispute resolution purposes
  • Marketing Consent: Until withdrawn or account closure

8. Your Rights Under POPIA

You have the following rights regarding your personal information:

  • Right to Access: Request copies of your personal information
  • Right to Correction: Request correction of inaccurate information
  • Right to Deletion: Request deletion where legally permissible
  • Right to Object: Object to processing for direct marketing
  • Right to Portability: Receive your data in a structured format
  • Right to Restriction: Request limitation of processing activities

Note: Some rights may be limited by regulatory requirements that mandate data retention for compliance purposes.

9. Cross-Border Data Transfers

Your personal information may be transferred outside South Africa for:

  • Cloud storage and backup services
  • International compliance and reporting
  • Technical support and maintenance

All cross-border transfers are conducted in accordance with POPIA requirements and include appropriate safeguards such as adequacy decisions, standard contractual clauses, or binding corporate rules.

10. Automated Decision Making and Profiling

We may use automated systems for:

  • Risk Assessment: Automated analysis of transaction patterns
  • Fraud Detection: Algorithmic monitoring for suspicious activities
  • Compliance Screening: Automated checks against sanctions lists

You have the right to request human intervention and challenge automated decisions that significantly affect you.

11. Cookies and Tracking Technologies

We use cookies and similar technologies for:

  • Essential Cookies: Required for platform functionality
  • Analytics Cookies: To understand platform usage patterns
  • Security Cookies: To detect and prevent fraudulent activities
  • Preference Cookies: To remember your settings and preferences

You can manage cookie preferences through your browser settings, though disabling essential cookies may affect platform functionality.

12. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the Information Regulator within 72 hours
  • Inform affected individuals without undue delay
  • Provide clear information about the breach and mitigation steps
  • Implement measures to prevent future breaches

13. Third-Party Services

We work with trusted third-party service providers including:

  • Identity Verification Services: For enhanced KYC procedures
  • Cloud Infrastructure Providers: For secure data storage and processing
  • Payment Processors: For transaction settlement
  • Analytics Providers: For platform performance monitoring

All third-party providers are contractually bound to protect your information and use it only for specified purposes.

14. Marketing Communications

We may send you marketing communications about our services where:

  • You have provided explicit consent
  • It relates to similar services you have used
  • Required for important service updates

You can opt-out of marketing communications at any time by contacting us or using unsubscribe links in our emails.

15. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child under 18, we will take steps to delete it promptly.

16. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of material changes through:

  • Email notifications to registered users
  • Prominent notices on our platform
  • Updated version numbers and effective dates

17. Information Officer

Our Information Officer is responsible for ensuring compliance with POPIA and handling privacy-related inquiries. You can contact our Information Officer regarding:

  • Data subject access requests
  • Privacy complaints or concerns
  • Questions about data processing activities
  • Requests to exercise your privacy rights

18. Complaints Process

If you have concerns about our privacy practices:

18.1 Internal Complaints

  • Contact our Information Officer directly
  • We will acknowledge your complaint within 48 hours
  • Investigation and response within 30 days

18.2 External Complaints

You may also lodge complaints with:

  • The Information Regulator of South Africa
  • The Financial Sector Conduct Authority (FSCA)

19. International Compliance

While primarily governed by South African law, we also consider international privacy standards including:

  • General Data Protection Regulation (GDPR) principles
  • International financial privacy standards
  • Best practices for cryptocurrency platforms

20. Special Categories of Data

We may process special categories of personal information where:

  • Required for regulatory compliance (e.g., sanctions screening)
  • Necessary for fraud prevention and detection
  • You have provided explicit consent

Such processing is subject to additional safeguards and restrictions under POPIA.

21. Contact Information

For privacy-related inquiries, data subject requests, or complaints:

Information Officer: Liquid Current OTC Desk

Email: privacy@liquidcurrent.co.za

Support: support@liquidcurrent.co.za

WhatsApp: +27 73 147 5549

FSP License: 53702

Regulatory Authority: Financial Sector Conduct Authority (FSCA)

22. Regulatory Authorities

Information Regulator

Address: JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
Email: inforeg@justice.gov.za
Website: www.justice.gov.za/inforeg/

Financial Sector Conduct Authority

Address: Riverwalk Office Park, Block B, 41 Matroosberg Road, Ashlea Gardens, Pretoria
Email: info@fsca.co.za
Website: www.fsca.co.za

Last Updated: January 2025
Version: 2.0
Policy Review Date: January 2026

This Privacy Policy forms part of our Terms and Conditions. By using our services, you acknowledge that you have read, understood, and agree to this Privacy Policy.